That's right! I'm not a wizard, but I have the cure. A group of IT experts are probably crucifying me for simplifying this. But it usually works in any simplification. Read on, it's going to be really simple. Your IT can be more secure today - I promise you.
Microsoft, Google, Amazon and many others spend incredible amounts of money on security for their solutions. They have all sorts of certifications, huge security teams.
But ... we ordinary users of Teams, Google doc(s) throw pitchforks at them and quite often forget that the problem is usually somewhere else = WITH US = the same and trivial passwords for different services (this is the problem of so-called shared responsibility *1).
Why do we keep doing the same "crap" over and over again and don't let each other know?
Well, because we are comfortable and we "great aunties" make it complicated, incomprehensible and quite often magical. It's not magic, but it does hurt a little.
And the cure?
- I use a unique password for each service that I don't remember and have stored in my password manager *2
- I have that pesky 2nd factor authentication turned on everywhere it can be turned on. It's the same as I have when I log into my bank (App, SMS)
- I make no exceptions and apply the first TWO POINTS over and over again
- If I want to keep it echt fancy, I'll ask my IT guys to make the second factor necessary for PC/Mac login + the ever popular remote desktop (RDP).
- If you follow points 1-3, a common attacker will most likely leave you alone. And if you do happen to get broken into, be sure to back up according to the 3-2-1 rule and restore your IT to a working state quickly.
*1 For Software as a Service products (Teams, Google Worskpace), the cloud provider handles the "chassis" and it is up to us to at least manage and secure user identities = login + password + ideally something that only we know or have.
*2 Next time we will wade into the waters of password managers. It's a matter of opinion.
#hackerprotect #cybersecurity #technology #cloud